One-third of global respondents to a survey of IT security professionals believe their email is more vulnerable today than it was five years ago.
The finding has been reported by email security and archiving company Mimecast, in its new global research study: Mimecast Business Email Threat Report 2016, Email Security Uncovered. The survey of 600 IT security professionals, shows that while 64 percent regard email as a major cyber-security threat to their business (71 percent in South Africa), 65 percent (41) don’t feel fully equipped or up to date to reasonably defend against email-based attacks.
Email continues to be a critical technology in business and the threat of email hacks and data breaches loom large over IT security managers. Consequently, confidence and experience with previous data breaches and email hacks play key parts in determining a company’s perceived level of preparedness against these threats and targeted email attacks.
Of the 600 surveyed, just 35 percent (59 percent in South Africa) feel confident about their level of preparedness against data breaches. Of the 65 percent (41) who don’t feel fully prepared against future potential attacks, nearly half (49%) experienced such attacks in the past, indicating that they don’t feel any more protected following an attack than they did prior.
This is also reflected in the few steps taken toward widespread email security. Although 83 percent (75 percent in South Africa) of all respondents highlight email as a common attack vector, one out of ten report not having any kind of email security training in place. Among the least-confident respondents, 23 percent attest to lacking any supplementary security measures.
“Our cyber-security is under attack and we depend on technology, and email in particular, in all aspects of business. So it’s very disconcerting to see that while we might appreciate the danger, many companies are still taking too few measures to defend themselves against email-based threats in particular,” said Brandon Bekker, managing director, Mimecast South Africa. “As the cyber threat becomes more grave, email attacks will only become more common and more damaging. It’s essential that executives, the C-suite in particular, realize that they may not be as safe as they think and take action. Our research shows there is work still to be done to be safe and we can learn a lot from the experience of those that have learnt the hard way.”
Budget and C-suite involvement were the biggest gaps found between the most and least prepared respondents. Among the IT security managers who feel most prepared, five out of six say that their C-suite is engaged with email security. However, of all IT security managers who were polled, only 15 percent (17 percent in South Africa) say their C-suite is extremely engaged in email security, while 44 percent (28) say their C-suite is only somewhat engaged, not very engaged, or not engaged at all.
Those who feel better prepared to handle email-based threats also allocate higher percentages of their IT security budgets toward email security. These IT security managers allocate 50 percent higher budgets to email security compared to managers who were less confident in their readiness. From these findings, the data points to allotting 10.4 percent of the total IT budget toward email security as the ideal intersection between email security confidence and spend.
Mimecast found that five distinct “personas” emerged among the respondents, and characterized them into a Cyber-Security Shiver Grid based on their levels of email security and perceptions of data breach confidence: the Vigilant (16 percent), Equipped Veterans (19 percent), Apprehensive (31 percent), Nervous (6 percent) and Battle-Scarred (28 percent). Altogether, a majority of the IT security managers – totaling 65 percent, comprising the apprehensive, nervous and battle-scarred respondents – feel unprepared to manage email-based attacks.
Other key findings of the survey include:
- The top 20 percent of organizations that feel most secure are 250 percent more likely to see email as their biggest vulnerability.
- Confident IT security managers are 2.7x more likely to have a C-suite that is extremely or very engaged in email security. They are also 1.6x more likely to see C-suite involvement in email security as extremely or very appropriate.
- The least confident IT security managers are more likely to be using Microsoft’s Exchange Mail Server 2010, which ended mainstream support in January 2015. The most confident managers are more likely to use the up-to-date Exchange Server 2013.
- 70 percent of IT professionals that have recently and directly experienced an email hack employ internal safeguards, such as data leak prevention or targeted threat protection.
- Apprehensive IT security professionals are more likely to be found in smaller (fewer than 500 employees) firms than larger ones (32 percent to 18 percent, respectively).
- Less than half (48 percent) of IT security managers in smaller firms feel confident and well-prepared for tackling email security threats, compared to larger companies.
Veeam passes $1bn, prepares for cloud’s ‘Act II’
Leader in cloud-data management reveals how it will harness the next growth phase of the data revolution, writes ARTHUR GOLDSTUCK
Veeam Software, the quiet leader in backup solutions for cloud data management,has announced that it has passed $1-billion in revenues, and is preparing for the next phase of sustained growth in the sector.
Now, it is unveiling what it calls Act II, following five years of rapid growth through modernisation of the data centre. At the VeeamON 2019conferencein Miami this week, company co-founder Ratmir Timashev declared that the opportunities in this new era, focused on managing data for the hybrid cloud, would drive the next phase of growth.
“Veeam created the VMware backup market and has dominated it as the leader for the last decade,” said Timashev, who is also executive vice president for sales and marketing at the organisation. “This was Veeam’s Act I and I am delighted that we have surpassed the $1 billion mark; in 2013 I predicted we’d achieve this in less than six years.
“However, the market is now changing. Backup is still critical, but customers are now building hybrid clouds with AWS, Azure, IBM and Google, and they need more than just backup. To succeed in this changing environment, Veeam has had to adapt. Veeam, with its 60,000-plus channel and service provider partners and the broadest ecosystem of technology partners, including Cisco, HPE, NetApp, Nutanix and Pure Storage, is best positioned to dominate the new cloud data management in our Act II.”
In South Africa, Veeam expects similar growth. Speaking at the Cisco Connect conference in Sun City this week, country manager Kate Mollett told Gadget’s BRYAN TURNER that the company was doing exceptionally well in this market.
“In financial year 2018, we saw double-digit growth, which was really very encouraging if you consider the state of the economy, and not so much customer sentiment, but customers have been more cautious with how they spend their money. We’ve seen a fluctuation in the currency, so we see customers pausing with big decisions and hoping for a recovery in the Rand-Dollar. But despite all of the negatives, we have double digit growth which is really good. We continue to grow our team and hire.
“From a Veeam perspective, last year we were responsible for Veeam Africa South, which consisted of South Africa, SADC countries, and the Indian Ocean Islands. We’ve now been given the responsibility for the whole of Africa. This is really fantastic because we are now able to drive a single strategy for Africa from South Africa.”
Veeam has been the leading provider of backup, recovery and replication solutions for more than a decade, and is growing rapidly at a time when other players in the backup market are struggling to innovate on demand.
“Backup is not sexy and they made a pretty successful company out of something that others seem to be screwing up,” said Roy Illsley, Distinguished Analyst at Ovum, speaking in Miami after the VeeamOn conference. “Others have not invested much in new products and they don’t solve key challenges that most organisations want solved. Theyre resting on their laurels and are stuck in the physical world of backup instead of embracing the cloud.”
Illsley readily buys into the Veeam tagline. “It just works”.
“They are very good at marketing but are also a good engineering comany that does produce the goods. Their big strength, that it just works, is a reliable feature they have built into their product portfolio.”
Veeam said in statement from the event that, while it had initially focused on server virtualisation for VMware environments, in recent years it had expanded this core offering. It was now delivering integration with multiple hypervisors, physical servers and endpoints, along with public and software-as-a-service workloads, while partnering with leading cloud, storage, server, hyperconverged (HCI) and application vendors.
This week, it announced a new “with Veeam”program, which brings in enterprise storage and hyperconverged (HCI) vendors to provide customers with comprehensive secondary storage solutions that combine Veeam software with industry-leading infrastructure systems. Companies like ExaGrid and Nutanix have already announced partnerships.
Timashev said: “From day one, we have focused on partnerships to deliver customer value. Working with our storage and cloud partners, we are delivering choice, flexibility and value to customers of all sizes.”
‘Energy scavenging’ funded
As the drive towards a 5G future gathers momentum, the University of Surrey’s research into technology that could power countless internet enabled devices – including those needed for autonomous cars – has won over £1M from the Engineering and Physical Sciences Research Council (EPSRC) and industry partners.
Surrey’s Advanced Technology Institute (ATI) has been working on triboelectric nanogenerators (TENG), an energy harvesting technology capable of ‘scavenging’ energy from movements such as human motion, machine vibration, wind and vehicle movements to power small electronic components.
TENG energy harvesting is based on a combination of electrostatic charging and electrostatic induction, providing high output, peak efficiency and low-cost solutions for small scale electronic devices. It’s thought such devices will be vital for the smart sensors needed to enable driverless cars to work safely, wearable electronics, health sensors in ‘smart hospitals’ and robotics in ‘smart factories.’
The ATI will be partnered on this development project with the Georgia Institute of Technology, QinetiQ, MAS Holdings, National Physical Laboratory, Soochow University and Jaguar Land Rover.
Professor Ravi Silva, Director of the ATI and the principal investigator of the TENG project, said: “TENG technology is ideal to power the next generation of electronic devices due to its small footprint and capacity to integrate into systems we use every day. Here at the ATI, we are constantly looking to develop such advanced technologies leading towards our quest to realise worldwide “free energy”.
“TENGs are an ideal candidate to power the autonomous electronic systems for Internet of Things applications and wearable electronic devices. We believe this research grant will allow us to further the design of optimized energy harvesters.”